Problem / Outcome Summary

This guide applies to:

Why might I want to do this?

Typically, if you want to test port mapping, it’s because you’re trying to allow something on the internet, access to something on your internal network, beit at home or at work. Sometimes things aren’t working properly and you just want to test if the port mapping is working. Read on for more info.

Foreword

What do I get by using this testing method?

This testing method uses known internet based port detection methods that originate OUTSIDE your home or work network. This is exactly what you need for most scenarios as typically it’s outside your network that you’re attempting to let in.

What kinds of port forwarding tests are there?

There are two main types of tests we can utilise here. The first is like it sounds, it tests the ‘open’ or ‘closed’ state of a given network port and additionally if there is a response on the end of it. The second is more of a catch all, which checks for any common port open on your IP address. This is more typically used to check your security, but can also be used as a test here.

Security

Of course as with all things on the internet, security should be a concern. Also depending on how concerned you are with that there are multiple levels of security you could worry about.

Of particular note with port forwarding is UPnP (Universal Plug ‘n’ Play). This is provisioned to make things easy for people by automatically setting up the port forwarding rules in your router. Of course the big danger with this is that there is no approval process and any software you download (or anyone else downloads) could potentially open up your internet connection in any way it decides. Therefore, if you know what you’re doing, I personally recommend disabling UPnP on your router to prevent unauthorised access due to a virus or similar and setting up manually. This way you can be sure of what ports you’ve opened and manage them accordingly.

In addition, please make sure you have a decent firewall. This might be in your computers software if you have a modem connected directly to your computer, but these are the lowest grade of firewall. Better is a separate piece of hardware that you connect with over Ethernet or Wifi, typically called a router, or may actually be a proper firewall also.

One of the advantage these dedicated hardware devices is that they protect your whole network rather than just a single computer.

Home routers have come a long way and are a lot better, but do not match the features and capabilities of a true firewall. See our post on setting up IPFire for creating your own network based Firewall from scratch here.

Test a single port – Telnet method

Another method which is often not known about is using telnet. To do this however, you need to run it outside of your network. Also, be careful that where ever you run it, that network’s firewall hasn’t blocked the port you are trying to test. If you have a laptop, an easy way to do this is to connect it to your phone’s WiFi hotspot. Just be sure to disable any other network connections.

The simple telnet test notation is like this

telnet <IP ADDRESS> Port

So typically in windows or Linux you could type telnet 201.55.102.1 80

If the connection is refused, that typically means the port is blocked. If the connection says ‘Trying’ for some time, that typically means the port is open, but nothing is connected behind it. And finally, if you get ‘Connected to’ etc. Then the port is open and the service is working behind it. Press CTRL-C and or Enter a few times to get out.

Scan for any open ports

To scan for any open ports (typically restricted to ports within a common range), simply do the same as above, except go to these sites instead. Remember your IP Address: 173.248.187.161

Other

In addition to online tools, you can also download specialised software and scan your network from an alternate location. This can be done with a tool such as OpenVAS which also does full security checking. However, for purposes of checking open ports, the above will be much simpler to serve the purpose.